Class: Yawast::Scanner::Core
- Inherits:
-
Object
- Object
- Yawast::Scanner::Core
- Defined in:
- lib/scanner/core.rb
Class Method Summary
- .check_ssl(uri, options, head) ⇒ Object
- .get_cms(uri, options) ⇒ Object
- .get_head ⇒ Object
- .print_header ⇒ Object
- .process(uri, options) ⇒ Object
- .setup(uri, options) ⇒ Object
Class Method Details
.check_ssl(uri, options, head) ⇒ Object
# File 'lib/scanner/core.rb', line 112
#
# Runs the TLS-related checks for the current target. (Listing reconstructed
# from a collapsed doc extraction that dropped the receiver name; the dropped
# token is the +options+ parameter shown in the method summary.)
#
# Scanner selection: the in-process scanner (Yawast::Scanner::Ssl) is used
# when +options.internalssl+ is set, the host is an IP literal
# (IPAddress.valid?), or the port is not 443. Otherwise
# Yawast::Scanner::SslLabs is used — presumably the public SSL Labs service,
# so in that branch the target hostname is submitted to a third party;
# confirm this is acceptable for the engagement before scanning.
#
# Note that +setup+ may replace +@uri+ with a TLS redirect target, so the
# checks below run against +@uri+, not necessarily the +uri+ argument.
#
# @param uri [URI] the target URL
# @param options the parsed scan options (nossl, internalssl, nociphers,
#   tdessessioncount are read here)
# @param head [Net::HTTPResponse, nil] a cached HEAD response; fetched when nil
# @return [Object] the value of the last branch taken; used for side effects
def self.check_ssl(uri, options, head)
  setup(uri, options)

  scheme = @uri.scheme
  if scheme == 'http'
    puts 'Skipping TLS checks; URL is not HTTPS'
    return
  end

  # Any scheme other than http/https is silently ignored, as is an explicit
  # --nossl; nothing is printed in those cases.
  return unless scheme == 'https' && !options.nossl

  head = get_head if head.nil?

  # Short-circuit order matters: the host is only inspected when
  # internalssl is not set.
  use_internal_scanner = options.internalssl ||
                         IPAddress.valid?(@uri.host) ||
                         @uri.port != 443

  if use_internal_scanner
    Yawast::Scanner::Ssl.info(@uri, !options.nociphers, options.tdessessioncount)
  else
    Yawast::Scanner::SslLabs.info(@uri, options.tdessessioncount)
  end

  Yawast::Scanner::Plugins::SSL::SSL.check_hsts(head)
  Yawast::Scanner::Plugins::SSL::SSL.check_hsts_preload(@uri)
end
.get_cms(uri, options) ⇒ Object
# File 'lib/scanner/core.rb', line 105
#
# Fetches the page body and hands it to the generic CMS fingerprinting
# plugin. (Listing reconstructed from a collapsed doc extraction; the dropped
# token is the +options+ parameter shown in the method summary.)
#
# The GET is issued against the +uri+ argument, not +@uri+ — +setup+ may have
# swapped +@uri+ for a TLS redirect target, so callers that want the
# redirected host must pass +@uri+ explicitly (as +process+ does).
#
# @param uri [URI] URL whose body is fingerprinted
# @param options the parsed scan options, forwarded to +setup+
# @return [Object] whatever +Generic.get_generator+ returns
def self.get_cms(uri, options)
  setup(uri, options)

  Yawast::Scanner::Plugins::Applications::CMS::Generic.get_generator(
    Yawast::Shared::Http.get(uri)
  )
end
.get_head ⇒ Object
# File 'lib/scanner/core.rb', line 131
#
# Issues the HEAD request for +@uri+ that the rest of the scan is keyed on.
# (Listing reconstructed from a collapsed doc extraction; the dropped token
# after +e.+ is taken to be the standard +Exception#message+.)
#
# Any StandardError from the request is treated as fatal: the error is
# reported and the process exits with status 1. Because +exit+ raises
# SystemExit (not a StandardError), the +rescue+ in +process+ does not
# intercept it — the whole scan terminates here.
#
# @return [Net::HTTPResponse] the HEAD response (on failure this method does
#   not return)
def self.get_head
  Yawast::Shared::Http.head(@uri)
rescue => e # rubocop:disable Style/RescueStandardError
  Yawast::Utilities.puts_error "Fatal Connection Error: Unable to complete HEAD request from '#{@uri}' (#{e.class}: #{e.message})"
  exit 1
end
.print_header ⇒ Object
# File 'lib/scanner/core.rb', line 6
#
# Prints the tool banner followed by the target line and a blank line.
# Relies on +@uri+ having been assigned by +setup+; called before that, the
# target line renders as an empty string.
#
# @return [nil]
def self.print_header
  Yawast.header

  target_line = "Scanning: #{@uri}"
  puts target_line
  puts
end
.process(uri, options) ⇒ Object
# NOTE(review): this listing was collapsed onto one line by the documentation
# extractor and several identifiers were dropped (the +options+ receiver,
# the second argument to Yawast::Shared::Http.setup, one Plugins::Http::Generic
# check, and the word after +e.+ — presumably +e.message+). Read
# +<dropped>+ for each empty spot; the code is kept as extracted below.
#
# Purpose: entry point for a full scan. Calls +setup+, configures the HTTP
# proxy, fetches and logs the HEAD response, runs +check_ssl+, then either the
# vuln_scan model or the legacy server/header/spider/directory checks, and
# finally +get_cms+; prints elapsed wall-clock time.
#
# Ordering worth knowing: +setup(uri, options)+ runs BEFORE
# Yawast::Shared::Http.setup(options.proxy, ...). +setup+ calls
# SSL.check_for_ssl_redirect and DNS::Generic.dns_info; if those perform
# network requests (their names suggest so — confirm), that traffic is sent
# before the proxy is configured and may not follow the operator's intended
# egress path.
#
# Error handling: the trailing +rescue => e+ turns any StandardError raised
# during the scan into a "Fatal Error" message. +get_head+ calls +exit 1+ on a
# failed HEAD, which raises SystemExit and is not caught here.
#
# Elapsed time uses Time.now (wall clock) and a %H:%M:%S format, so it wraps
# after 24 hours, as the inline comment says.
# File 'lib/scanner/core.rb', line 37 def self.process(uri, ) # get the start time, so we can display elapsed time start_time = Time.now setup(uri, ) begin # setup the proxy Yawast::Shared::Http.setup(.proxy, .) # cache the HEAD result, so that we can minimize hits head = get_head Yawast::Shared::Output.log_hash 'http', 'head', 'raw', head.to_hash Yawast::Scanner::Generic.head_info(head, @uri) # perform SSL checks check_ssl(@uri, , head) # process the 'scan' stuff that goes beyond 'head' unless .head # connection details for SSL Yawast::Scanner::Plugins::SSL::SSL.ssl_connection_info @uri if Yawast..vuln_scan # new scanner----------------------------------------------------- # this is the new model, that will eventually become the default-- # ---------------------------------------------------------------- Yawast::Scanner::VulnScan.scan(@uri, , head) else # legacy checks -------------------------------------------------- # try not to break these, until the old scanner model is removed-- # ---------------------------------------------------------------- # server specific checks Yawast::Scanner::Plugins::Servers::Apache.check_all(@uri) Yawast::Scanner::Plugins::Servers::Nginx.check_all(@uri) Yawast::Scanner::Plugins::Servers::Iis.check_all(@uri, head) Yawast::Scanner::Plugins::Http::FilePresence.check_all @uri, .files # generic header checks Yawast::Scanner::Plugins::Http::Generic.check_propfind(@uri) Yawast::Scanner::Plugins::Http::Generic.(@uri) Yawast::Scanner::Plugins::Http::Generic.check_trace(@uri) Yawast::Scanner::Plugins::Spider::Spider.spider(@uri) if .spider end # check for common directories if .dir Yawast::Scanner::Plugins::Http::DirectorySearch.search @uri, .dirrecursive, .dirlistredir end get_cms(@uri, ) end # get the total time to complete the scan. this works as long as the scan take # less than 24 hours. 
if a scan is that long, we have bigger problems elapsed_time = Time.at(Time.now - start_time).utc.strftime('%H:%M:%S') Yawast::Shared::Output.write_file puts "Scan complete (#{elapsed_time})." rescue => e # rubocop:disable Style/RescueStandardError Yawast::Utilities.puts_error "Fatal Error: Can not continue. (#{e.class}: #{e.})" end end |
.setup(uri, options) ⇒ Object
# NOTE(review): this listing was collapsed onto one line by the documentation
# extractor and some identifiers were dropped (the +options+ receiver and the
# name of one Plugins::SSL::SSL class method). Read +<dropped>+ for each empty
# spot; the code is kept as extracted below.
#
# Purpose: one-time initialisation, guarded by the class-level +@setup+ flag,
# so a process scans a single target — a second call with a different +uri+
# is a no-op apart from re-setting the flag.
#
# Side effects: assigns +@uri+, prints the header, configures Output when an
# output file is requested, and — if SSL.check_for_ssl_redirect returns a
# redirect target — REPLACES +@uri+ with it and logs 'server_tls_redirect'.
# Every later check therefore runs against the redirected host; if the
# redirect points outside the agreed scope, the scan follows it without
# further confirmation. DNS information is gathered unless +options.nodns+.
#
# Ordering: this runs before +process+ configures the proxy, so any network
# activity performed here (the redirect probe and DNS lookups, presumably)
# does not use it — confirm against the plugin implementations.
# File 'lib/scanner/core.rb', line 13 def self.setup(uri, ) unless @setup @uri = uri print_header Yawast::Shared::Output.setup @uri, if .output != nil Yawast::Shared::Output.set_current_uri @uri ssl_redirect = Yawast::Scanner::Plugins::SSL::SSL.check_for_ssl_redirect @uri if ssl_redirect @uri = ssl_redirect puts "Server redirects to TLS: Scanning: #{@uri}" Yawast::Shared::Output.log_value 'server_tls_redirect', @uri end Yawast::Scanner::Plugins::SSL::SSL. Yawast::Scanner::Plugins::DNS::Generic.dns_info @uri, unless .nodns end @setup = true end |